diff --git a/CVE-2024/CVE-2024-122xx/CVE-2024-12244.json b/CVE-2024/CVE-2024-122xx/CVE-2024-12244.json new file mode 100644 index 00000000000..58781e7d416 --- /dev/null +++ b/CVE-2024/CVE-2024-122xx/CVE-2024-12244.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12244", + "sourceIdentifier": "cve@gitlab.com", + "published": "2025-04-24T08:15:14.020", + "lastModified": "2025-04-24T08:15:14.020", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue has been discovered in access controls could allow users to view certain restricted project information even when related features are disabled in GitLab EE, affecting all versions from 17.7 prior to 17.9.7, 17.10 prior to 17.10.5, and 17.11 prior to 17.11.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@gitlab.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "cve@gitlab.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/508046", + "source": "cve@gitlab.com" + }, + { + "url": "https://hackerone.com/reports/2862754", + "source": "cve@gitlab.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-133xx/CVE-2024-13307.json b/CVE-2024/CVE-2024-133xx/CVE-2024-13307.json new file mode 100644 index 00000000000..4450812eac9 --- /dev/null +++ b/CVE-2024/CVE-2024-133xx/CVE-2024-13307.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13307", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:28.607", + "lastModified": "2025-04-24T09:15:28.607", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'reales_delete_file', 'reales_delete_file_plans', 'reales_add_to_favourites', and 'reales_remove_from_favourites' functions in all versions up to, and including, 2.1.2. This makes it possible for unauthenticated attackers to delete arbitrary attachments, and add or remove favorite property listings for any user." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://themeforest.net/item/reales-wp-real-estate-wordpress-theme/10330568", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cb94caa4-35a4-4aa3-8d25-263bbd58072a?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-06xx/CVE-2025-0639.json b/CVE-2025/CVE-2025-06xx/CVE-2025-0639.json new file mode 100644 index 00000000000..95a2060aa61 --- /dev/null +++ b/CVE-2025/CVE-2025-06xx/CVE-2025-0639.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-0639", + "sourceIdentifier": "cve@gitlab.com", + "published": "2025-04-24T08:15:14.190", + "lastModified": "2025-04-24T08:15:14.190", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@gitlab.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "cve@gitlab.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/514507", + "source": "cve@gitlab.com" + }, + { + "url": "https://hackerone.com/reports/2946553", + "source": "cve@gitlab.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-07xx/CVE-2025-0755.json b/CVE-2025/CVE-2025-07xx/CVE-2025-0755.json index 0bcad186f4f..e10e9828f5d 100644 --- a/CVE-2025/CVE-2025-07xx/CVE-2025-0755.json +++ b/CVE-2025/CVE-2025-07xx/CVE-2025-0755.json @@ -2,7 +2,7 @@ "id": "CVE-2025-0755", "sourceIdentifier": "cna@mongodb.com", "published": "2025-03-18T09:15:11.487", - "lastModified": "2025-03-18T09:15:11.487", + "lastModified": "2025-04-24T09:15:29.790", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -52,6 +52,10 @@ } ], "references": [ + { + "url": "https://jira.mongodb.org/browse/CDRIVER-5601", + "source": "cna@mongodb.com" + }, { "url": "https://jira.mongodb.org/browse/SERVER-94461", "source": "cna@mongodb.com" diff --git a/CVE-2025/CVE-2025-12xx/CVE-2025-1284.json b/CVE-2025/CVE-2025-12xx/CVE-2025-1284.json new file mode 100644 index 00000000000..ce639195e3a --- /dev/null +++ b/CVE-2025/CVE-2025-12xx/CVE-2025-1284.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-1284", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:29.963", + "lastModified": "2025-04-24T09:15:29.963", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Woocommerce Automatic Order Printing | ( Formerly WooCommerce Google Cloud Print) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1 via the xc_woo_printer_preview AJAX action due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user's invoices and orders which can contain sensitive information." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/woocommerce-google-cloud-print/21129093", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6f593dce-4b56-46c0-becd-75fd16f165a8?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-19xx/CVE-2025-1908.json b/CVE-2025/CVE-2025-19xx/CVE-2025-1908.json new file mode 100644 index 00000000000..883d21ff0be --- /dev/null +++ b/CVE-2025/CVE-2025-19xx/CVE-2025-1908.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-1908", + "sourceIdentifier": "cve@gitlab.com", + "published": "2025-04-24T08:15:14.333", + "lastModified": "2025-04-24T08:15:14.333", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@gitlab.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.3, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "cve@gitlab.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-840" + } + ] + } + ], + "references": [ + { + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/523065", + "source": "cve@gitlab.com" + }, + { + "url": "https://hackerone.com/reports/3016623", + "source": "cve@gitlab.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-25xx/CVE-2025-2543.json b/CVE-2025/CVE-2025-25xx/CVE-2025-2543.json new file mode 100644 index 00000000000..19fe72b0005 --- /dev/null +++ b/CVE-2025/CVE-2025-25xx/CVE-2025-2543.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2025-2543", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:30.143", + "lastModified": "2025-04-24T09:15:30.143", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-accordion-block/tags/4.8.2/advanced-accordion-block.php#L363", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-accordion-block/tags/4.8.2/advanced-accordion-block.php#L364", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-accordion-block/tags/4.8.2/advanced-accordion-block.php#L369", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/advanced-accordion-block/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/79752ac3-cb5f-4d86-be58-c4b892e4edd6?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-25xx/CVE-2025-2579.json b/CVE-2025/CVE-2025-25xx/CVE-2025-2579.json new file mode 100644 index 00000000000..e3c0287c97b --- /dev/null +++ b/CVE-2025/CVE-2025-25xx/CVE-2025-2579.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-2579", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:30.317", + "lastModified": "2025-04-24T09:15:30.317", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Lottie Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the uploaded file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/embed-lottie-player/tags/1.1.8/plugin.php#L130", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/embed-lottie-player/tags/1.1.8/plugin.php#L82", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/embed-lottie-player/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b85b314d-a155-4cec-95c9-0db4b9d8e59b?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3058.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3058.json new file mode 100644 index 00000000000..df1cfba349d --- /dev/null +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3058.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3058", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:30.500", + "lastModified": "2025-04-24T09:15:30.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwc_save_settings() function in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/xelion-webchat/trunk//includes/class-xelion-webchat-ajax-admin.php#L119", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/250202d5-3a0d-494c-8386-1f4cd015ad7e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3065.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3065.json new file mode 100644 index 00000000000..847a3948eb2 --- /dev/null +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3065.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-3065", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:30.663", + "lastModified": "2025-04-24T09:15:30.663", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file path validation in a function in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/database-toolset/trunk/admin/class-database-toolset-admin.php#L109", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/database-toolset/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0e656123-cae4-4e0c-a80a-98526be293a8?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-31xx/CVE-2025-3101.json b/CVE-2025/CVE-2025-31xx/CVE-2025-3101.json new file mode 100644 index 00000000000..1ed09855f59 --- /dev/null +++ b/CVE-2025/CVE-2025-31xx/CVE-2025-3101.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3101", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:30.843", + "lastModified": "2025-04-24T09:15:30.843", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.7. This is due to the plugin not properly validating user meta fields prior to updating them in the database. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change escalate their privileges to Administrator." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://themeforest.net/item/configurator-woocommerce-wordpress-theme/20474230", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/535aa061-479f-415e-bee6-3151c42b917e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-32xx/CVE-2025-3280.json b/CVE-2025/CVE-2025-32xx/CVE-2025-3280.json new file mode 100644 index 00000000000..40594788eb2 --- /dev/null +++ b/CVE-2025/CVE-2025-32xx/CVE-2025-3280.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3280", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:31.020", + "lastModified": "2025-04-24T09:15:31.020", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value_filter' parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://wordpress.org/plugins/elex-bulk-edit-products-prices-attributes-for-woocommerce-basic/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e2e4b83a-34d5-4a8a-b694-a887a46fe6bf?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-33xx/CVE-2025-3300.json b/CVE-2025/CVE-2025-33xx/CVE-2025-3300.json new file mode 100644 index 00000000000..f31fc0de360 --- /dev/null +++ b/CVE-2025/CVE-2025-33xx/CVE-2025-3300.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3300", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:31.203", + "lastModified": "2025-04-24T09:15:31.203", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WPMasterToolKit (WPMTK) \u2013 All in one plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with Administrator-level access and above, to read and modify the contents of arbitrary files on the server, which can contain sensitive information." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://wordpress.org/plugins/wpmastertoolkit/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c389ba1a-45c5-4fba-9b99-0713fe39da42?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-36xx/CVE-2025-3603.json b/CVE-2025/CVE-2025-36xx/CVE-2025-3603.json new file mode 100644 index 00000000000..04bc1941812 --- /dev/null +++ b/CVE-2025/CVE-2025-36xx/CVE-2025-3603.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3603", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:31.367", + "lastModified": "2025-04-24T09:15:31.367", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-620" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/flynax-bridge/trunk/request.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fa8124db-ee6a-481d-88c6-4cc84fefcf1c?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-36xx/CVE-2025-3604.json b/CVE-2025/CVE-2025-36xx/CVE-2025-3604.json new file mode 100644 index 00000000000..9a78efa2d81 --- /dev/null +++ b/CVE-2025/CVE-2025-36xx/CVE-2025-3604.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3604", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:31.537", + "lastModified": "2025-04-24T09:15:31.537", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/flynax-bridge/trunk/request.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/935caa43-4c75-47ad-a631-63988e21f834?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-36xx/CVE-2025-3607.json b/CVE-2025/CVE-2025-36xx/CVE-2025-3607.json new file mode 100644 index 00000000000..bbe69e8effe --- /dev/null +++ b/CVE-2025/CVE-2025-36xx/CVE-2025-3607.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3607", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:31.730", + "lastModified": "2025-04-24T09:15:31.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. This is due to the plugin not properly validating a user's identity prior to updating a password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-620" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/frontend-login-and-registration-blocks/trunk/inc/class-flr-blocks-lost-password.php#L115", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b06ce1e4-5cfb-415d-ad09-db194d6b4354?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-37xx/CVE-2025-3776.json b/CVE-2025/CVE-2025-37xx/CVE-2025-3776.json new file mode 100644 index 00000000000..1ef81d3938a --- /dev/null +++ b/CVE-2025/CVE-2025-37xx/CVE-2025-3776.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-3776", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:31.890", + "lastModified": "2025-04-24T09:15:31.890", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code Execution in all versions up to, and including, 1.5 via the 'targetvr_ajax_handler' function. This is due to a lack of validation on the type of function that can be called. This makes it possible for unauthenticated attackers to execute any callable function on the site, such as phpinfo()." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/verification-sms-targetsms/trunk/inc/ajax.php#L7", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/verification-sms-targetsms/trunk/inc/ajax.php#L9", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed08d248-7467-4a3b-91a2-4286d91b9c50?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-37xx/CVE-2025-3793.json b/CVE-2025/CVE-2025-37xx/CVE-2025-3793.json new file mode 100644 index 00000000000..0417cf10d67 --- /dev/null +++ b/CVE-2025/CVE-2025-37xx/CVE-2025-3793.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3793", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:32.077", + "lastModified": "2025-04-24T09:15:32.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Buddypress Force Password Change plugin for WordPress is vulnerable to authenticated account takeover due to the plugin not properly validating a user's identity prior to updating their password through the 'bp_force_password_ajax' function in all versions up to, and including, 0.1. This makes it possible for authenticated attackers, with subscriber-level access and above and under certain prerequisites, to change arbitrary user's passwords, including administrators, and leverage that to gain access to their accounts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 4.2, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.6, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-620" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/buddy-press-force-password-change/trunk/bp-force-password-change.php#L93", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e3048c4c-77b1-4778-a5d0-b532df777d06?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-38xx/CVE-2025-3832.json b/CVE-2025/CVE-2025-38xx/CVE-2025-3832.json new file mode 100644 index 00000000000..d24b9cc819c --- /dev/null +++ b/CVE-2025/CVE-2025-38xx/CVE-2025-3832.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-3832", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T09:15:32.250", + "lastModified": "2025-04-24T09:15:32.250", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The FuseDesk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018successredirect\u2019 parameter in all versions up to, and including, 6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/fusedesk/trunk/fusedesk.php#L516", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/fusedesk/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/baf12413-eb45-44c3-a6c9-f5a048d6500d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-414xx/CVE-2025-41423.json b/CVE-2025/CVE-2025-414xx/CVE-2025-41423.json index 03f595aded8..6d67eb7a7b9 100644 --- a/CVE-2025/CVE-2025-414xx/CVE-2025-41423.json +++ b/CVE-2025/CVE-2025-414xx/CVE-2025-41423.json @@ -9,6 +9,10 @@ { "lang": "en", "value": "Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10\u00a0fail to properly validate permissions for the API endpoint /plugins/playbooks/api/v0/signal/keywords/ignore-thread, allowing any user or attacker to delete posts containing actions created by the Playbooks bot, even without channel access or appropriate permissions." + }, + { + "lang": "es", + "value": "Las versiones de Mattermost 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 no validan correctamente los permisos para el endpoint de API /plugins/playbooks/api/v0/signal/keywords/ignore-thread, lo que permite que cualquier usuario o atacante elimine publicaciones que contengan acciones creadas por el bot Playbooks, incluso sin acceso al canal o permisos adecuados." } ], "metrics": { diff --git a/README.md b/README.md index 05c66abe738..fb570790cb0 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-04-24T08:00:20.677145+00:00 +2025-04-24T10:00:19.431267+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-04-24T07:15:31.740000+00:00 +2025-04-24T09:15:32.250000+00:00 ``` ### Last Data Feed Release @@ -33,28 +33,39 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -291227 +291245 ``` ### CVEs added in the last Commit -Recently added CVEs: `7` +Recently added CVEs: `18` -- [CVE-2025-1453](CVE-2025/CVE-2025-14xx/CVE-2025-1453.json) (`2025-04-24T06:15:43.957`) -- [CVE-2025-2558](CVE-2025/CVE-2025-25xx/CVE-2025-2558.json) (`2025-04-24T06:15:45.800`) -- [CVE-2025-32730](CVE-2025/CVE-2025-327xx/CVE-2025-32730.json) (`2025-04-24T07:15:31.077`) -- [CVE-2025-35965](CVE-2025/CVE-2025-359xx/CVE-2025-35965.json) (`2025-04-24T07:15:31.280`) -- [CVE-2025-3761](CVE-2025/CVE-2025-37xx/CVE-2025-3761.json) (`2025-04-24T07:15:31.437`) -- [CVE-2025-41395](CVE-2025/CVE-2025-413xx/CVE-2025-41395.json) (`2025-04-24T07:15:31.600`) -- [CVE-2025-41423](CVE-2025/CVE-2025-414xx/CVE-2025-41423.json) (`2025-04-24T07:15:31.740`) +- [CVE-2024-12244](CVE-2024/CVE-2024-122xx/CVE-2024-12244.json) (`2025-04-24T08:15:14.020`) +- [CVE-2024-13307](CVE-2024/CVE-2024-133xx/CVE-2024-13307.json) (`2025-04-24T09:15:28.607`) +- [CVE-2025-0639](CVE-2025/CVE-2025-06xx/CVE-2025-0639.json) (`2025-04-24T08:15:14.190`) +- [CVE-2025-1284](CVE-2025/CVE-2025-12xx/CVE-2025-1284.json) (`2025-04-24T09:15:29.963`) +- [CVE-2025-1908](CVE-2025/CVE-2025-19xx/CVE-2025-1908.json) (`2025-04-24T08:15:14.333`) +- [CVE-2025-2543](CVE-2025/CVE-2025-25xx/CVE-2025-2543.json) (`2025-04-24T09:15:30.143`) +- [CVE-2025-2579](CVE-2025/CVE-2025-25xx/CVE-2025-2579.json) (`2025-04-24T09:15:30.317`) +- [CVE-2025-3058](CVE-2025/CVE-2025-30xx/CVE-2025-3058.json) (`2025-04-24T09:15:30.500`) +- [CVE-2025-3065](CVE-2025/CVE-2025-30xx/CVE-2025-3065.json) (`2025-04-24T09:15:30.663`) +- [CVE-2025-3101](CVE-2025/CVE-2025-31xx/CVE-2025-3101.json) (`2025-04-24T09:15:30.843`) +- [CVE-2025-3280](CVE-2025/CVE-2025-32xx/CVE-2025-3280.json) (`2025-04-24T09:15:31.020`) +- [CVE-2025-3300](CVE-2025/CVE-2025-33xx/CVE-2025-3300.json) (`2025-04-24T09:15:31.203`) +- [CVE-2025-3603](CVE-2025/CVE-2025-36xx/CVE-2025-3603.json) (`2025-04-24T09:15:31.367`) +- [CVE-2025-3604](CVE-2025/CVE-2025-36xx/CVE-2025-3604.json) (`2025-04-24T09:15:31.537`) +- [CVE-2025-3607](CVE-2025/CVE-2025-36xx/CVE-2025-3607.json) (`2025-04-24T09:15:31.730`) +- [CVE-2025-3776](CVE-2025/CVE-2025-37xx/CVE-2025-3776.json) (`2025-04-24T09:15:31.890`) +- [CVE-2025-3793](CVE-2025/CVE-2025-37xx/CVE-2025-3793.json) (`2025-04-24T09:15:32.077`) +- [CVE-2025-3832](CVE-2025/CVE-2025-38xx/CVE-2025-3832.json) (`2025-04-24T09:15:32.250`) ### CVEs modified in the last Commit Recently modified CVEs: `2` -- [CVE-2024-2637](CVE-2024/CVE-2024-26xx/CVE-2024-2637.json) (`2025-04-24T07:15:29.910`) -- [CVE-2025-1731](CVE-2025/CVE-2025-17xx/CVE-2025-1731.json) (`2025-04-24T06:15:45.497`) +- [CVE-2025-0755](CVE-2025/CVE-2025-07xx/CVE-2025-0755.json) (`2025-04-24T09:15:29.790`) +- [CVE-2025-41423](CVE-2025/CVE-2025-414xx/CVE-2025-41423.json) (`2025-04-24T07:15:31.740`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 6db304a69da..22c242a77e5 100644 --- a/_state.csv +++ b/_state.csv @@ -246773,6 +246773,7 @@ CVE-2024-1224,0,0,cbfbaa5b4f0e1c410530412d727d5bf58dfe126bd3d740f330bf5c6e93a065 CVE-2024-12240,0,0,6672995b52813f98387098ac3b3013676e82d4cc5e92b1023b4a144f1eea1a77,2025-01-14T11:15:15.137000 CVE-2024-12242,0,0,2f55c665eef830ff2620035cbcfe4292d890dc745ab209f9df7f0382ca44ae3c,2025-02-11T02:15:33.653000 CVE-2024-12243,0,0,21abb63f551c04214ac9f57da8e02697b40abe367a9fc617ebe76745884217b6,2025-04-23T11:15:45.773000 +CVE-2024-12244,1,1,fa50cd2547d8fb6a417b66da507e1039bd7f40e064b2423e4dc32534c6f21fea,2025-04-24T08:15:14.020000 CVE-2024-12245,0,0,31276812dc8de5bfdb7bab3cdab8b1c866149ec90ff0dd7db23266bd4fc80d08,2025-03-14T18:15:27.530000 CVE-2024-12246,0,0,25e368b7b625668da07b20dc2399fc14978a413e8f5dc9b92a1c223e61cf9256,2025-02-11T02:15:33.710000 CVE-2024-12247,0,0,ad117a7da5529073984608210b9ebf0c8357341e47d0f7a47c01f4275cf4ac25,2024-12-05T16:15:25.243000 @@ -247818,6 +247819,7 @@ CVE-2024-13303,0,0,45400694ac4670f48d80d8a7e39a4bc849293c35e8276e2742f48056b9fcf CVE-2024-13304,0,0,24b1a36018af16d753703a5b5b1bb932f9f36c2f21a7231aac95060bf05434cb,2025-01-10T18:15:21.263000 CVE-2024-13305,0,0,3a4cf301307578a6e63a4f0538c798b9e10f6efb81525d14d4ca11f02d0c6cd6,2025-01-10T17:15:16.820000 CVE-2024-13306,0,0,8dea45fe22ef583481b71e4e38fb1b41d30b1fbc236314f0aca5a51f0af052da,2025-02-18T21:15:19.877000 +CVE-2024-13307,1,1,627aff32021cf571d960a70940675ade97bb4e903958380977dcfcdf10f44a13,2025-04-24T09:15:28.607000 CVE-2024-13308,0,0,5a7c5de49dea6dce6146be04ca3299c64c19e3ab1de1461d50a35b802bb7ee20,2025-01-30T22:15:08.723000 CVE-2024-13309,0,0,0b3b8b334a1de7768f2a2e87180e2cff3c33f0ede7bad89f9b0bac93a7d10749,2025-01-30T22:15:08.880000 CVE-2024-1331,0,0,b8018aa4d406613d3ec27aefa47c4e3b21af15db4ddfb753850f1de6f3ba1fdc,2024-11-21T08:50:21.027000 @@ -254034,7 +254036,7 @@ CVE-2024-2636,0,0,129863ab8220a5a793261a0f53b6625d5b1715c77601fc7265e1c778ba60fe CVE-2024-26362,0,0,e834700fba5d3ed8885f15b0a32604b45d432edd1830049b357b7fb96ec22779,2024-11-21T09:02:25.010000 CVE-2024-26367,0,0,b529aaafa17b67cb2acc86454f07d52ca5f63eec818154b71c2a9d73a74194ff,2024-11-21T09:02:25.230000 CVE-2024-26369,0,0,4e01a7ea9f778bafd7275b141c0b3f2179ae10cc998894eb5e91895b90153fcf,2024-11-21T09:02:25.457000 -CVE-2024-2637,0,1,8b612a524d30311dd22af4291dccfe6d8338e3ec33a4a4f671d3ca8301a4b6cd,2025-04-24T07:15:29.910000 +CVE-2024-2637,0,0,8b612a524d30311dd22af4291dccfe6d8338e3ec33a4a4f671d3ca8301a4b6cd,2025-04-24T07:15:29.910000 CVE-2024-2639,0,0,45a532020fe06674d823d0b4e264d15e0ee33a5111617c7171979d4c53ef786c,2024-11-21T09:10:11.473000 CVE-2024-2640,0,0,2d97cdb3e462b6f0c784d4db1a7d7c20cbceea5fa11206e832577d8c929d2bf6,2024-11-21T09:10:11.623000 CVE-2024-2641,0,0,70a70be0b042731ccdc73536925161bf9a9aa50cb2b7e715353e185314654c4e,2024-11-21T09:10:11.820000 @@ -281774,6 +281776,7 @@ CVE-2025-0633,0,0,d99126f9166a4e84d3e57050e6aafa26d9cc8a19aa8e9fa3be65f2f9a812f3 CVE-2025-0635,0,0,97c2ba48a72c7101c06a2ce11947aa32804795ad5ed76ef5586cdf1bab2602b3,2025-01-23T11:15:10.890000 CVE-2025-0637,0,0,527088f0979b18ce444b6ef69464399256b011e8d9eae0913ca1205a9c4503aa,2025-01-23T16:15:36.617000 CVE-2025-0638,0,0,d2f28f2eed7bea7b9f8ec19bd8fd1769a6b74ef8696049ed8fd676bfab511c4b,2025-01-22T16:15:29.977000 +CVE-2025-0639,1,1,b2015d492a3b8915034d0b2695404e0b58999d60947b014edb372914625010a7,2025-04-24T08:15:14.190000 CVE-2025-0648,0,0,14768df502506893e04a871405a68a3a94ff0c449b83e66c30586b78c50c67b0,2025-02-17T13:15:09.667000 CVE-2025-0650,0,0,a9fc324c64dd82aee521d1bffa9b7782cf03bd2f6e410628d7018de6f1170f96,2025-02-06T09:15:11.697000 CVE-2025-0651,0,0,b1abaff9b79f4b2065b368c16dba6244d38fea5352b0c15967b39f4433b66d5f,2025-01-22T18:15:20.363000 @@ -281853,7 +281856,7 @@ CVE-2025-0751,0,0,0efa0957e87c78d91feee9c5b60c767ad1a73d0975464bcb9c8ba1b6cbbc82 CVE-2025-0752,0,0,de749aab58e2326cecf2e69cd47cb06af87bcedce5e0f5e8b795ca284455a6c7,2025-01-28T10:15:09.493000 CVE-2025-0753,0,0,c31e8dbd9d781b37db4d790b1206c27db098e661945670b7848cba0c8afd301c,2025-02-28T22:22:35.957000 CVE-2025-0754,0,0,01e22cbc27c23b2a20fc22b4b38925f42f70aba0e3cf26d239fd3f71faae49ca,2025-01-28T10:15:09.697000 -CVE-2025-0755,0,0,a756693274b211f936030a1b123d06fc9f09b8085a54bd20383a0ef5f5b87d9f,2025-03-18T09:15:11.487000 +CVE-2025-0755,0,1,6d0dbadfda4a802c88ca940e4a533e59c6edc3de28616d86b3c764f16adc71af,2025-04-24T09:15:29.790000 CVE-2025-0756,0,0,43a58eb4c255910204f47920c829e3c277dc9702dba28e933544bcf8bef5cfeb,2025-04-17T20:21:48.243000 CVE-2025-0757,0,0,59aa41a6c286ba5c2055d029cbb96bb40f959c2289edbc1be429cd0a97802c5f,2025-04-17T20:21:48.243000 CVE-2025-0758,0,0,69326bdea2481f3abf9942aa968a6bd2409709414081195390e4a044778cf16f,2025-04-17T20:21:48.243000 @@ -282241,6 +282244,7 @@ CVE-2025-1276,0,0,38664ae90286d93b5ef639cbc11376387475e666a0c25f921255b750618f1f CVE-2025-1277,0,0,325555c44f70ad7d37b35ed1f80959423e8aa05f5fde06078e356d66af39bae5,2025-04-16T13:25:59.640000 CVE-2025-1282,0,0,09bbe8fbf6ad958ee527dda55af05e43520fd8fabad49e275c5ad8ac54adbc57,2025-03-11T16:08:00.790000 CVE-2025-1283,0,0,a4d93a77d81ec07731b68bab3e1d00afd05dc0ae7fee050881be213abacce036,2025-04-10T18:55:23.537000 +CVE-2025-1284,1,1,418c162f719cc63a044f9de8e21ff57d84adade2a59e977b87924216a431956a,2025-04-24T09:15:29.963000 CVE-2025-1285,0,0,3182990c1bc942ab8f686c8030ea96842badd7c599b496272a03f16c99f15c97,2025-03-14T05:15:41.977000 CVE-2025-1287,0,0,a38b4c646fabca7e5d65d4995ba500f7cbac83852f08d2e5f8de89e20d5c98b9,2025-03-24T18:19:22.993000 CVE-2025-1290,0,0,c9c6b4e4034fee3373a4498ecd0e4538ef34ec42c33aea19a440c94d0456b307,2025-04-17T20:21:48.243000 @@ -282355,7 +282359,7 @@ CVE-2025-1449,0,0,96e80016899d7efd6b5903e0bd5984545e6534e36d574b5746b82bf2741684 CVE-2025-1450,0,0,f0a28cf37155f4c16fff9326b0ffe6a415c6c5c1475546052ba68718728afcec,2025-03-11T15:46:05.180000 CVE-2025-1451,0,0,ec6fe899fd888829fdb360d361245840f88ca8152b7a7e9839ef57ba5f996bb9,2025-03-27T15:40:03.640000 CVE-2025-1452,0,0,3e2a2b961d493642668dd5d757e3135aee03e85d6914645ab6a62b9e89b5cf1e,2025-03-27T16:45:46.410000 -CVE-2025-1453,1,1,ed80660196c00e8706285a1099ca8d573a2289535b0fc02c5e7cc2c796206771,2025-04-24T06:15:43.957000 +CVE-2025-1453,0,0,ed80660196c00e8706285a1099ca8d573a2289535b0fc02c5e7cc2c796206771,2025-04-24T06:15:43.957000 CVE-2025-1455,0,0,46a6d9d419b4419f96bc8b6c258423e9acd2c1f0395e883d289d7f812d9565fa,2025-04-15T18:39:27.967000 CVE-2025-1456,0,0,346ab480833591aafa4def0db688e39a034a34b0a2fc258a44bae62c0e34161a,2025-04-15T18:39:27.967000 CVE-2025-1457,0,0,3bc1de1804be30e1ce1d9f9076f02cce357793914c558c053d99dad4ac2fe48b,2025-04-21T14:23:45.950000 @@ -282551,7 +282555,7 @@ CVE-2025-1724,0,0,b8e86d6fa70198b5cc9fe6224a04663cb9564b5f8c33fbf347cdad07f13847 CVE-2025-1726,0,0,2f1dd31a8200e6d83c282baf3f0abaf3df3bb9d56b822973c75d4b2e2b3c7f8c,2025-02-26T20:15:13.510000 CVE-2025-1728,0,0,126b29abd5a8b7142eab21be075a4425d5b9e0d4bb1eedd2c9477807954e2152,2025-02-26T22:15:14.333000 CVE-2025-1730,0,0,1995ccb1e144a2c7a6984fe76cde065e7b6f85edc7bf90ff89583ed751f146df,2025-03-01T07:15:11.380000 -CVE-2025-1731,0,1,c650641065d59837e5bca7f887fb7b6578f0044f21cb48d28604109c99bdf9eb,2025-04-24T06:15:45.497000 +CVE-2025-1731,0,0,c650641065d59837e5bca7f887fb7b6578f0044f21cb48d28604109c99bdf9eb,2025-04-24T06:15:45.497000 CVE-2025-1732,0,0,89566dbdf349338f87602aa4638efc6dfed9f15e7115320e46d7ed10d08d0bf7,2025-04-23T14:08:13.383000 CVE-2025-1734,0,0,30fc1fb2735b5f2600cc56424de4c5b2acf076d3cbcb8f2f5e0f5cad4b061c05,2025-04-01T20:26:30.593000 CVE-2025-1736,0,0,88a51c283f4d0834bbf11d46dc4103f7cba768043b28133bff6d571f4b16f08b,2025-04-01T20:26:30.593000 @@ -282690,6 +282694,7 @@ CVE-2025-1903,0,0,6d340e8ed917a821f64df99818d24e210d21c9915d508adde3298f17a8197a CVE-2025-1904,0,0,f1403f89463521fa6ecf20ea0b63150d28c96f5825eb8230b39ee2a81e24b378,2025-03-06T12:20:33.473000 CVE-2025-1905,0,0,2b4eb6efb4aab05c0b5f79955f2e8fa7379c3a611db1f2d5266246ca15810f0c,2025-03-06T12:21:06.503000 CVE-2025-1906,0,0,25be12853bbdada8a0f0b6f9783f2e12a1ead904ee5fe2efcc8d708d8d5a84e0,2025-03-06T12:17:27.613000 +CVE-2025-1908,1,1,dbe5607a7c05de98a8290181f41f1bd62f98039363b3790d4415d0f147b26b7e,2025-04-24T08:15:14.333000 CVE-2025-1911,0,0,2e91c6b1d959cb6ca722089184997cbda20efda4aa5d2ef28d2794cac01c676f,2025-03-27T16:45:27.850000 CVE-2025-1912,0,0,49337feb908734040a0bfa95da816c69dae3aab8883429d3fccd45a08a1fe10f,2025-03-27T16:45:27.850000 CVE-2025-1913,0,0,ed75b3f8cfdd5b59fd97fd4a85114e92d8be81db43677a0c3ee67ea91d3bb9ec,2025-03-27T16:45:27.850000 @@ -286582,6 +286587,7 @@ CVE-2025-25426,0,0,108c4b754e54717537bad215341cffab6a867457930f1858a7d85368cf0a6 CVE-2025-25427,0,0,c82a0869650bfdcbf39a26ade0b4b78ba5fa257bdc63443106ba83833cfe00f5,2025-04-21T14:23:45.950000 CVE-2025-25428,0,0,a4039c579030febd59545c017c3c1beb99a5f4778526e73f910acc016f0edd9b,2025-03-04T16:15:39.597000 CVE-2025-25429,0,0,a95bef6ecb2c9e9037f1ebf79f87a2b0c7101933c3f64e22cf3f921f022ed0ed,2025-02-28T23:15:10.903000 +CVE-2025-2543,1,1,eca438c23fd2a8c5e3739b0adb4cfa353f8fd0f4e65e09aafd5395afb154a701,2025-04-24T09:15:30.143000 CVE-2025-25430,0,0,9163efbf1f16deef9388edc5dfce8619e56506503048f018e2813a808e54d729,2025-03-04T16:15:39.763000 CVE-2025-25431,0,0,b394e7042bdaf0befa6d619f673ec987ef0e6b97c7a283213fbe60ffc2fa9133,2025-03-04T16:15:39.917000 CVE-2025-2544,0,0,61f3dad808e2359bbac367a26f479ab656345326f5e769e424e5a0af4077faa5,2025-04-07T14:17:50.220000 @@ -286648,7 +286654,7 @@ CVE-2025-25568,0,0,8bf6eccd897b3aef0c5b736978952194e590be79850ad050dceac1781eef8 CVE-2025-2557,0,0,a42b70c78dcd89b9d3e57fec472337c34078e8807b7744b63a4210d869265076,2025-03-20T19:15:38.220000 CVE-2025-25570,0,0,a1a60fff83d4e58f97f6cb73bc995dd008cce7cbdda97b57369c1d11bafc9be9,2025-02-28T22:15:39.630000 CVE-2025-25579,0,0,9ad1112c1ed3d836da183b36b2d4375f4736b0d6d1110b2bc10e441acd9590d4,2025-04-07T14:23:36.660000 -CVE-2025-2558,1,1,cebc7cb40d2a0e4a6066f0dad8de4daa9c8e7d745868bfdd5a72a8cf684c9754,2025-04-24T06:15:45.800000 +CVE-2025-2558,0,0,cebc7cb40d2a0e4a6066f0dad8de4daa9c8e7d745868bfdd5a72a8cf684c9754,2025-04-24T06:15:45.800000 CVE-2025-25580,0,0,981db6fd6e3e758c95a7a3f18e0cb48f5883f5e68031cb88007741a3d3ada90e,2025-03-19T19:15:44.917000 CVE-2025-25582,0,0,fdff5f005418e70695619b15a5365b87844b6870f1b28eb8b42a995086eb8722,2025-04-02T12:27:19.593000 CVE-2025-25585,0,0,aa4f3350849e7a6d1d328ba035f3acd3940e4357ca726a2c6819200e720715c1,2025-03-19T19:15:45.203000 @@ -286740,6 +286746,7 @@ CVE-2025-25783,0,0,6329df69fd0a54ba6d0f31849a17600b168da9709376108915818dc3764ea CVE-2025-25784,0,0,0ad0989845f8e30f12e455449de911107ffaede0d9733a72f1c0bd4468008319,2025-04-10T17:42:20.670000 CVE-2025-25785,0,0,6267e9b9a8e397817e2030d405315b8269946623475246ca055a8f52dba3a89e,2025-04-10T17:38:56.293000 CVE-2025-25789,0,0,8620a6d2cadaa49df446df4ef7dafc8cee7866e4a8a0e5755098b7fe0d9198fb,2025-04-09T14:08:57.030000 +CVE-2025-2579,1,1,5f7bd850005de392c5c421b2ac35ec73ac59163c84db079ce1320c49a04cf6ff,2025-04-24T09:15:30.317000 CVE-2025-25790,0,0,679b260258cbdcc1662543669243fb8ea8cc2d98124e20787ac1665319c74a8b,2025-04-09T14:08:49.560000 CVE-2025-25791,0,0,dbe9fb277624d60ffce1afefc7e8c7a04946c351a1a6a72a9dd8676c48d8675b,2025-04-07T18:52:59.103000 CVE-2025-25792,0,0,f944d5bf6adc6b88eabbe9cb9204da3af3c9d4bb356b2fd42fbb4d8543c77102,2025-03-28T17:00:32.973000 @@ -288920,6 +288927,7 @@ CVE-2025-30576,0,0,e1d87ee2aace225dc7cca88448af9a1521f8ee6d8dd508d389e89e80435af CVE-2025-30577,0,0,26e59d52b73762620dbae646b94e9c324eeb683a80c9cc4b66589a6dc0541819,2025-03-27T16:44:44.143000 CVE-2025-30578,0,0,df0e515b67de27403fead6b3a0d0605b0745ef6905beb293f877aee39986b25d,2025-03-27T16:44:44.143000 CVE-2025-30579,0,0,da2f55024609e1594c641c65c436343740b52aeabbd2f346fe4788234dc64bb1,2025-04-01T20:26:11.547000 +CVE-2025-3058,1,1,0281618882375e0ef40337cff6690bebd9c8d47be5f6550781650dc76c464fdf,2025-04-24T09:15:30.500000 CVE-2025-30580,0,0,6381da27fd12c08384ba9231a62ea0ef9bcef0c60a27c676b80196d25920a4cf,2025-04-02T14:58:07.527000 CVE-2025-30581,0,0,4d19dfdbed84fcf0c4e24e7260ec626ebeb80c300c7d2006ae0d8d9b7b8df858,2025-03-27T16:44:44.143000 CVE-2025-30582,0,0,06bee20e18d636e9fb3bca8f1b5af5a9bbc9d1eed3a33dd305728492366b1e0e,2025-04-11T15:39:52.920000 @@ -288975,6 +288983,7 @@ CVE-2025-30646,0,0,28d62fd6799c9878b8e5b97f58d5c94e997eb2cad5033685842aa96d94a56 CVE-2025-30647,0,0,e650448812493d120708ef6a0656829268d8ce8f503c117211ddd68e69415d53,2025-04-11T15:40:10.277000 CVE-2025-30648,0,0,a1830d28858fa6ad1a106eaa8f2578ca9e5751e31d5915e7e1e9bd92315371c1,2025-04-11T15:40:10.277000 CVE-2025-30649,0,0,c0b89ad6ff5b64cf26e82955b85e8273504ca58e7ea67c04eb2d592d7542429d,2025-04-11T15:40:10.277000 +CVE-2025-3065,1,1,695e3dfbc309dd39d1c7bf3de4fa1312b576105047e4c47c4a90b30c8bb454d3,2025-04-24T09:15:30.663000 CVE-2025-30651,0,0,e475ea9163601795695b5ba63968056a7b6d4a5603c1db5539e52f93bbb3e7de,2025-04-11T15:40:10.277000 CVE-2025-30652,0,0,3af6d7230831489ceb4d2040b6d76cd0cfe64e7c5646959fee7bce6aeec75bc8,2025-04-11T15:40:10.277000 CVE-2025-30653,0,0,f0e72a77a1b258621c8f90e55ac7e9d36508d8d9a288f65afe1925ff1a2c6238,2025-04-11T15:40:10.277000 @@ -289256,6 +289265,7 @@ CVE-2025-31005,0,0,ceb79a2f36fcb390061964b11e10127964f5604b0d6b95191e77fe9337f63 CVE-2025-31006,0,0,88209a26cc6d8b2335b8dbabf067bc390d317eed21f99b6f7e1fd2cf7ea2f1f1,2025-04-17T20:21:05.203000 CVE-2025-31008,0,0,574e1cf42f8a16e13e787c6fb8ae3504d667cff8301f5b3817d1be7163f33d9b,2025-04-09T20:02:41.860000 CVE-2025-31009,0,0,00ef1dcb50827d398a2f6c01ffba26a90073ce49541136b216e5baa33ed8b4e8,2025-04-09T20:02:41.860000 +CVE-2025-3101,1,1,c1c1b21c205608a36281ce37a88105315d7b9f29b22cc715bbd3d48dd31616ad,2025-04-24T09:15:30.843000 CVE-2025-31010,0,0,c1f5ed11290de791a7c3fbb3f13d7b367feca7817eca67ce914a4ef488ac6cf5,2025-03-28T18:11:40.180000 CVE-2025-31011,0,0,f986b175c396d6259decc4ae8a816f426260bd831d671bd46f4e850733a946e9,2025-04-15T18:39:27.967000 CVE-2025-31012,0,0,1f46b9635d7584db0ebef271a97e01198fa0633ac746e331966237bdddb260f8,2025-04-09T20:02:41.860000 @@ -290469,7 +290479,7 @@ CVE-2025-32699,0,0,23a94d723c50baa82e78f6da8a3b64d0890697435859549aeff9405065761 CVE-2025-32700,0,0,c0e8c73e6cd2dba0f2638bdb87a5004e45d9151953fe53305663743891fc2cb9,2025-04-11T15:39:52.920000 CVE-2025-32726,0,0,91136782c0c58a96138194cd454d47b71b0e86e3f0a06431e8d3ca26e00cb323,2025-04-15T18:39:43.697000 CVE-2025-32728,0,0,3412470eeb78d54bf8cb06076372596e4f91bb03b171bf6dd938a768564aebbf,2025-04-11T15:40:10.277000 -CVE-2025-32730,1,1,76d9ca346b4892e5dd1d8b4adc82d1295f78401acdc334bc0b1103063eb983c4,2025-04-24T07:15:31.077000 +CVE-2025-32730,0,0,76d9ca346b4892e5dd1d8b4adc82d1295f78401acdc334bc0b1103063eb983c4,2025-04-24T07:15:31.077000 CVE-2025-32743,0,0,22cd88375a4ea091d730f6e11751ffcb7fa9bb31f6c5963a03a37755aa77afd4,2025-04-11T15:39:52.920000 CVE-2025-3275,0,0,f07968903a6add25d3bac4ab6edf4f2011e9a13d4882b8fd03f1851e6b4624b5,2025-04-21T14:23:45.950000 CVE-2025-32754,0,0,b06e63b88f7bcd6c413b62f3af573f57520ee0eb9275ec793f6c9f8573602933,2025-04-11T15:39:52.920000 @@ -290511,6 +290521,7 @@ CVE-2025-32792,0,0,5617465372754753e6f838bd9a5e8e1789ad8b344ec076ba7e3dadb68ae93 CVE-2025-32793,0,0,53c512d5ca796aaa2074213fb6811f42fd2ddcbb1551cf07ba87dac176a68735,2025-04-23T14:08:13.383000 CVE-2025-32795,0,0,ada1e048127459bcd3b5b8388d73b0903e52152ee697b61012cd44ac43593444,2025-04-21T14:23:45.950000 CVE-2025-32796,0,0,7063247346e35cdf876bedb612e1538faf0ad59442fef757f429e4c0debc5ad1,2025-04-21T14:23:45.950000 +CVE-2025-3280,1,1,a1adfd079b9a100a6ceca3764393c5c0d44070ee0ce1b9716194e0f7b4c48aba,2025-04-24T09:15:31.020000 CVE-2025-32807,0,0,791ea9650394de4a3c6a4bce28448af084ce5e8fb834d69b1769b35b955fdca4,2025-04-11T15:39:52.920000 CVE-2025-32808,0,0,4460b802a312298836218e51f145ee69f847802ae0b680f0631fd4c9d767af72,2025-04-11T16:15:20.673000 CVE-2025-32809,0,0,ca90ff3ced06efa4e939486b48b76783f1482c86186847921ab08cd5bd99e3d5,2025-04-11T16:15:20.807000 @@ -290631,6 +290642,7 @@ CVE-2025-3299,0,0,4bb68d1a77531b6cf0d60c8ebf8a47f27b8c946ab637bd433e4b42368b67a2 CVE-2025-32993,0,0,efe10e43b700d805bab5f9cbf4da0d85804a68c5ec719e614ee799809a295233,2025-04-15T18:39:27.967000 CVE-2025-32996,0,0,66cdefdd4ac5ef2c3d78ef7b0a3a801233b441eea948b7804c8316fb0d1631f0,2025-04-15T18:39:27.967000 CVE-2025-32997,0,0,585b29f934052489f32ea07f36835b226451d0492c02f05a8ece6f7bdf5daba5,2025-04-15T18:39:27.967000 +CVE-2025-3300,1,1,7e276f02a73d782632d0724f5e5af8de5c7a3de05769a1e852c83769f9ad3b36,2025-04-24T09:15:31.203000 CVE-2025-33026,0,0,16823ea87e15ed5dd06862f606f290dd47fd68e96dd8b001f96144de8d0bef0f,2025-04-22T17:37:37.900000 CVE-2025-33027,0,0,7eab01e487a6d7e5995be743240039568e40250da0b46842bccc9ddc38610741,2025-04-15T18:39:27.967000 CVE-2025-33028,0,0,abe1ecf54490db7447f2cb4b6858d9b8e9d40393d98c0f7e51b205de8bc1fd46,2025-04-15T18:39:27.967000 @@ -290832,8 +290844,11 @@ CVE-2025-3590,0,0,4a0453d8b3689d6f2e7dcbfdf29c48f9e72ed335c884f8c177d44093a3f9f8 CVE-2025-3591,0,0,9faf0d8d54afa4d861e787bba12e728bac4244da2f6db382b13f6aac7674e68a,2025-04-15T18:39:27.967000 CVE-2025-3592,0,0,3766f02a8a9b7546b3744ae601fb2a46406e95eb867e2ef9712274445e3cdb7b,2025-04-15T18:39:27.967000 CVE-2025-3593,0,0,a01f66982e63d1a9077a22fb9d3bb17c3788e9968a5ce8acfaa25734a955883b,2025-04-15T18:39:27.967000 -CVE-2025-35965,1,1,5032599512a77bd51cf02842d0854bae70c3e0a5ffd87935d76910ac7a5562b3,2025-04-24T07:15:31.280000 +CVE-2025-35965,0,0,5032599512a77bd51cf02842d0854bae70c3e0a5ffd87935d76910ac7a5562b3,2025-04-24T07:15:31.280000 CVE-2025-3598,0,0,edf26968210ce22617ec678e5e822a9b5bd12eb64af0b7486db98454fc1aebda,2025-04-21T14:23:45.950000 +CVE-2025-3603,1,1,528b682d4291a1224b42893433697d22b911f371a51927b820eacad6e22b750e,2025-04-24T09:15:31.367000 +CVE-2025-3604,1,1,baf31b0791e80504b193fa7013e2e38c60ac45c1991419d39d318c8f5b9465a1,2025-04-24T09:15:31.537000 +CVE-2025-3607,1,1,ecdbe72dea167374582b7a0b21b2763d55a028fec03c0df7dca0ae6a22873e5d,2025-04-24T09:15:31.730000 CVE-2025-3608,0,0,39b182f4ebb2561066bac4e2df270fac3ea79c341f6f5d3809c1d21f023dee46,2025-04-18T15:15:59.183000 CVE-2025-3612,0,0,b3e7e1fd46c9147c27f3feb15d1a5ba8eabce3f8bab41f1f78e6d74dff7b1b50,2025-04-15T18:39:27.967000 CVE-2025-3613,0,0,9c314abbc6473987a4462c7f86d0ede7026d1a1d89f3e10127913343b31eedd8,2025-04-15T18:39:27.967000 @@ -290896,12 +290911,13 @@ CVE-2025-3737,0,0,98a95ab2f4879b0b170253df49030361243357a0145c7fdf9d3fa9de5820ef CVE-2025-3738,0,0,c83d4f2a6441d2be69ba3cb43eb59d7030deb3093e3e67d3c0e56f5cdb68cd8a,2025-04-17T20:22:16.240000 CVE-2025-3739,0,0,3ba4b773d7335861548869f23a25d3ac3371b26ca4f649a48ada76178430d177,2025-04-17T20:22:16.240000 CVE-2025-3760,0,0,36221436c9b2aad8e2661d17eeb875cdb75bc11bc6de102414da035a40dafb2c,2025-04-17T20:21:48.243000 -CVE-2025-3761,1,1,29b48d6ef97bbd82b1ba2374596b164d6785c6a2f2073db12b269cee052b0c63,2025-04-24T07:15:31.437000 +CVE-2025-3761,0,0,29b48d6ef97bbd82b1ba2374596b164d6785c6a2f2073db12b269cee052b0c63,2025-04-24T07:15:31.437000 CVE-2025-3762,0,0,2cd33c56775b0364c0c4571374c3d034630212b70aa6400f2018cfd1493149ca,2025-04-17T20:21:05.203000 CVE-2025-3763,0,0,75c598dd1784756201983d6c04c42b970f6d55306d12e8ca927bf77d5715fca5,2025-04-18T21:15:44.287000 CVE-2025-3764,0,0,192085e50203a378873b0fba70930bdb42ca705b402010a5434576b8a6b54b6e,2025-04-17T20:21:05.203000 CVE-2025-3765,0,0,1013acbb24b428a59ff55984fd6a510ede3b7a74d0f6249931765b20d6806ee3,2025-04-17T20:21:05.203000 CVE-2025-3767,0,0,292444054f64728a26421e1d4abd19f40fd20bae5ef25e71c0fda7db865359ae,2025-04-23T14:08:13.383000 +CVE-2025-3776,1,1,cf81d0de1f8bc345c4abdbda2fd10df58ffa252c89f7ba1ddea13cef90f5d4da,2025-04-24T09:15:31.890000 CVE-2025-37785,0,0,d1c64bd1cadcc5f51780313b6aae97c63b6e0722d1c5a54d61cc46c9690e399a,2025-04-21T14:23:45.950000 CVE-2025-3783,0,0,08564e7625cce7923d54746f30fbc8f13bf12d9607faa6a7346084b96420b3f3,2025-04-23T18:03:35.193000 CVE-2025-37838,0,0,a4e1bbad3af00804444e072d98e351d33f62c70d3efe4e1e3b8f120c7ccb02ea,2025-04-21T15:16:00.977000 @@ -290916,6 +290932,7 @@ CVE-2025-3790,0,0,dc490dedfd3bb31d7338c71c9fcad5c80abd89749a2e60e6c362365fde1251 CVE-2025-3791,0,0,291bfa74dbfa6e6e6c9947564765be440c26b137eac96eb1712e4de3014fe092,2025-04-21T14:23:45.950000 CVE-2025-3792,0,0,626f142eb589b39cf00a55b3a0accb178a0101c9e56a4bac9f54695372acad2c,2025-04-21T14:23:45.950000 CVE-2025-37925,0,0,e68e788440066c2a6e1becb21a931223606c25d8acf63cf39d317b99fb8ffa73,2025-04-21T14:23:45.950000 +CVE-2025-3793,1,1,f9510a4d766a7410f00359639b603d756d9d8647e528e5130f3a3d8e3f67b606,2025-04-24T09:15:32.077000 CVE-2025-3795,0,0,76d259997892e849d7fdd617e0e88fa943927e768558d8d394746f81795a3a48,2025-04-21T14:23:45.950000 CVE-2025-3796,0,0,5bba9717d327179093efb5cc9cef09fed229b949cd8902af2f1c4dc4c6d27773,2025-04-21T14:23:45.950000 CVE-2025-3797,0,0,dda4f68589e5e388ce28ec26952f5fd1c69525d1b6ae36e32ac67bfe0c706913,2025-04-21T14:23:45.950000 @@ -290951,6 +290968,7 @@ CVE-2025-3827,0,0,8d579d5a0fa0b0c619516b6899bfd1458fc50e59a12faf1918b859c5a98c41 CVE-2025-3828,0,0,c62ed8e74700c5473ae6a6e70e88c5e1473e21c0d41947e7b32be028a4e4b130,2025-04-21T14:23:45.950000 CVE-2025-3829,0,0,0d200174e1f5ad2e3e4e80c27fc89b45c3e82478ed1e79a1bb52b4d722c00627,2025-04-21T14:23:45.950000 CVE-2025-3830,0,0,385e6cc94a24df49654455af07a3fefd23315374d03c407edb3632119683e79d,2025-04-21T14:23:45.950000 +CVE-2025-3832,1,1,c8e825fca13deda2f9ea35b3be66803145a73e3ac7325978894f85e5994b8ed8,2025-04-24T09:15:32.250000 CVE-2025-3837,0,0,9d2632751bbea9085621542962290423f86ded728e775e6f66cd65e68fa00158,2025-04-21T14:23:45.950000 CVE-2025-3838,0,0,7ee01d7225be3424548bdf053aee8ac4d27b7f8532bfc955591b4471c7d20b3f,2025-04-21T14:23:45.950000 CVE-2025-3840,0,0,bbc382c2e456ea2b19d742b9c2e4628cfae75e7af21166f7ab38a675161c99b0,2025-04-21T14:23:45.950000 @@ -291112,8 +291130,8 @@ CVE-2025-40014,0,0,9c93b86036d60f38f0f187b8c5793318088bfcafe515374cce4c97c53c702 CVE-2025-40114,0,0,e4d744f28120ab6554e4d13f2f9f1eeaeee8726fca02a9f9f521440a390d4e6d,2025-04-21T14:23:45.950000 CVE-2025-40325,0,0,a6e3862a6512d1062886fb893478a1faf062d9cb4443f34babdc0e4290aabe28,2025-04-21T14:23:45.950000 CVE-2025-40364,0,0,7079032d03c94977f22edeb418796e7b8ec133f463d81beda02e4d226b1c4205,2025-04-21T14:23:45.950000 -CVE-2025-41395,1,1,535739cf2f1a09a04fcaca5ebbacbc6eaa961a29bb18bbf7692303a2821f73cf,2025-04-24T07:15:31.600000 -CVE-2025-41423,1,1,1095c0d3ca93e5bc70d40ca9eca63c9012de951a569f9fed2371202752c239a6,2025-04-24T07:15:31.740000 +CVE-2025-41395,0,0,535739cf2f1a09a04fcaca5ebbacbc6eaa961a29bb18bbf7692303a2821f73cf,2025-04-24T07:15:31.600000 +CVE-2025-41423,0,1,93efe9021e462c030df2805c97639e4c08887fd24a3476342e68b9a19e6a2867,2025-04-24T07:15:31.740000 CVE-2025-42599,0,0,9659da8e8aac322bbaf38e5450526281170e18645caf922988ff7e1c8a3c28d4,2025-04-21T14:23:45.950000 CVE-2025-42600,0,0,fea8dbfef12655e45d47bfa0fa1e2e7aa4b0b4b0150cdf9ac0d36b90366220f1,2025-04-23T14:08:13.383000 CVE-2025-42601,0,0,268646a252883d6a305220008d02b9e9cd7f8aa05fbc78623e895b8a325a3fda,2025-04-23T14:08:13.383000